PHP HMac Restful Api

Hi, created a HMAC Restful api on github. Feedback welcome.

Still have a few things left - change from client id (auto incremented) to 20 character public key (so you can't iterate through) - need to include uri hash check for better security - need to check timestamp, allow only 5 min span - client is lame - add better documentation on github

https://github.com/jeteokeeffe/php-hmac-rest-api

Thanks for sharing!

Looks good, i'll take it for a spin soon.



3.8k

if you find any issues, let me know, ill fix asap



21.7k

Excellent.



1.7k

Thanks for sharing. When I try your client-connect.php the application returns

The requested URL /php-hmac-rest-api/ping was not found on this server.

The Request looks valid... Any ideas where my mistake might be?



3.8k

the request should come across as /ping and NOT /php-hmac-rest-api/ping



1.7k

How do I accomplish that? I just changed the parts you mentioned on GitHub...

edited Jun '15

Bruno, you may be missing the .htaccess file at the root:

<IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^$ public/ [L] RewriteRule (.*) public/$1 [L] </IfModule>



1.7k

with this .htaccess i get an 500 internal server error

edited Jun '15

you also need an .htaccess inside the folder public:

<IfModule modrewrite.c> RewriteEngine On RewriteCond %{REQUESTFILENAME} !-d RewriteCond %{REQUESTFILENAME} !-f RewriteRule ^(.*)$ index.php?url=/$1 [QSA,L] </IfModule>

and the client-connect.php, change the $host accordingly to your server url :

$route = '/ping';
//$route = '/test/4';
//$route = '/doesntexist';
//$route = '/skip/auth';

if (isset($argv[1])) {
    $host = 'http://' . $argv[1] . $route;
} else {
    //$host = "http://api.example.com" . $route;
    // change the $host  accordingly to your server url :
    $host = "http://localhost/php-hmac-rest-api-master" . $route;

}